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Please CANCEL claims 5 and 32. 
Please AMEND the claims as follows: 

1 > (Currently Amended) In a server adapted for authentication, authorization, and 
accountu3Lg> a method of generating a shared key between a Home Agent and a Mobile Node, 
comprising: 

receiving a request message from a Home Agent, the request message identifying the 
Mobile Node; 

deriving key information from a key or password associated with the Mobile Node; 

and 

sending a reply message to the Home Agent, the reply message including the key 
information associated with the Mobile Node, thereby enabling the Home Agent to derive a 
shared key to be shared between the Mobile Node and the Home Agent from the key 
information: 

wherein the reply message does not include the shared key to be shared between the 
Mobile Node and the Home Agent 

2. (Original) The method as recited in claim 1 , wherein deriving key information 
comprises: 

deriving the key information from a second set of key information derived from the 
key or password. 

3, (Original) The method as recited in claim 1, wherein deriving key information 
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comprises; 



obtaining the derived key information from a domain controller or server. 



(Original) 



The method as recited in claim 1, wherein the request message is an 



access request message and the reply message is an access reply message. 



5. 



(Cancelled) 



6. (Currently Amended) The method as recited in claim I $, further comprising: 
obtaining the key or password from a domain controller. 



7. (Original) The method as recited in claim 6, wherein obtaining the key or 
password from the domain controller comprises: 

sending a request to the domain controller for key or password associated with the 



Mobile Node; and 

receiving the key or password associated with the Mobile Node from the domain 
controller. 

8. (Origina) The method as recited in claim 1 , further comprising: 
applying the key information to authenticate the request message. 

9, (Original) The method as recited in claim 1 , wherein the key or password is 
stored at the Mobile Node, thereby enabling the Mobile Node to derive the key information 



from the key or password. 
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10. (Currently Amended) In a Home Agent supporting Mobile IP, a method of 
authenticating a Mobile Node, comprising: 

receiving a Mobile TP r egistration request from a Mobile Node, the Mobile IP 
registration request identifying the Mobile Node; 

sending a request message to a AAA server, the request message identifying the 
Mobile Node; 

receiving a reply message from the AAA server, the reply message including key 
information associated with the Mobile Node; 

deriving a key from the key information, the key being a shared key between the 
Mobile Node and the Home Agent; and 

sending a Mobile IP r egistration reply to the Mobile Nod e, wherein the Mobile IP 
registration reply does not nyfludy &S Key. 

1 1 . (Currently Amended) The method as recited in claim 1 0, wherein the Mobile IP 
registration request includes a CHAP challenge and response. 

12. (Currently Amended) The method as recited in claim 1 0, wherein deriving a key from 
the key information comprises deriving the key from the key information and a CHAP 
challenge and response obtained from the Mobile IP r egistration request, 

1 3 . (Currently Amended) The method as recited in claim 1 0, wherein deriving the key 
and sending the Mobile IP r egistration reply to the Mobile Node are performed when the 
reply message received from the AAA server indicates that the Mobile Node is successfully 
authenticated, 
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14. (Original) The method as recited in claim 1 0, wherein the request message is an 
access request message and the reply message is an access reply message, 

15. (Original) The method as recited in claim 1 0, wherein the Mobile Node is to 
derive the shared key from a second set of key information stored at the Mobile Node. 

1 6. (Original) The method as recited in claim 1 5, wherein the key information is 
equivalent to the second set of key information. 

17. (Original) The method as recited in claim 15, wherein the second set of key 
information stored at the Mobile Node is a root key, a password, or a key shared between the 
Mobile Node and the Home Agent in a previous session. 

1 8. (Original) The method as recited in claim 1 7, wherein the registration request 
includes a SPI, replay protection timestamp, and indicates an algorithm to be used to 
authenticate the registration reply, whe;rem the SPI, the replay protection timestamp, and the 
algorithm are associated with the second set of key information. 

19. (Original) The method as recited in claim 1 8, ftmher comprising: 

installing the derived key, the SPI, the replay protection timestamp, and the algorithm 
in a security association. 

20 > (Original) The method as recited in claim 1 7, wherein the registration reply 
includes a SPI, replay protection timestamp, and indicates an algorithm to be used to 
authenticate the registration reply, wherein the SPI, the replay protection timestamp, and the 
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algorithm are associated with the second set of key information. 

21 . (Currently Amended) The method as recited in claim 1 0, wherein the Mobile IP 
registration reply indicates that the Mobile Node is to derive the shared key between the 
Mobile Node and the Home Agent 

22. (Currently Amended) The method as recited in claim 21, wherein at least one of the 
presence of one or more extensions in the Mobile IP r egistration reply and an SPI in the 
Mobile IP r egistration reply indicates thai the Mobile Node is to derive the shared key 
between the Mobile Node and the Home Agent 

23. (Currently Amended) The method as recited in claim 1 0, wherein the Mobile IP 
registration request indicates that the Home Agent is to derive the shared key between the 
Mobile Node and the Home Agent from the key information. 

24. (Currently Amended) The method as recited in claim 23, wherein at least one of the 
presence of one or more extensions in the Mobile IP r egistration request and an SPI in the 
Mobile IP r egistration request indicates that the Home Agent is to derive the shared key 
between the Mobile Node and the Home Agent 

25. (Currently Amended) The method as recited in claim 23, wherein the presence of an 
authentication protocol extension in the Mobile IP r egistration request indicates a protocol to 
be used to authenticate die Mobile IP r egistration request and derive the shared key. 

26. (Original) The method as recited in claim 23, wherein the presence of a session 
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key extension and derived session key extension in the registration request indicates that both 
a session key and a derived session key are to be generated and installed, 

27. (Currently Amended) The method as recited in claim 26, further comprising: 
receiving a subsequent Mobile IP r egistration request from the Mobile Node to 

refresh the derived session key. 

28. (Currently Amended) The method as recited in claim 27, further comprising: 
authenticating the subsequent Mobile EP r egistration request using the session key. 

29. (Currently Amended) The method as recited in claim 27, farther comprising: 
sending a subsequent Mobile IP r egistration reply to the Mobile Node including the 

derived session key extension, wherein the Mobile IP r egistration reply is to be authenticated 
by the Mobile Node using the session key. 

30. (Original) The method as recited in claim 10, wherein the key information is a 
previously used session key shared between the Mobile Node and the Home Agent 

3 1 . (Original) The method as recited in claim 1 0, wherein the key information is 
derived from a password associated with the Mobile Node. 

32. (Cancelled) 

33. (Original) The method as recited in claim 10, further comprising; 
deriving a subsequent key from the shared key. 
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34. (Original) The method as recited in claim 33, wherein deriving the subsequent 
key from the shared key is performed when a binding associated with the Mobile Node is 
cleared. 

35. (Original) The method as recited in claim 34, wherein the binding associated with 
the Mobile Node is cleared upon expiration of the lifetime of the Mobile Node or de- 
registration of the Mobile Node* 

36. (Currently Amended) In a Mobile Node, a method of registering with a Home Agent 
supporting Mobile IP, comprising: 

sending a registration request to the Home Agent; 

receiving a registration reply from the Home Agent, the registration reply indicating 
that the Mobile Node is to derive a key to be shared between the Mobile Node and the Home 
Agen t wherein the registration reply does not include the key to be shared between the 
Mobile Node and the Home Agent: and 

deriving a key to be shared between the Mobile Node and the Home Agent from key 
information stored at the Mobile Node, 

37. (Original) The method as recited in claim 36, wherein deriving a key from the 
key information comprises deriving the key from the key information and a CHAP challenge 
and response obtained from the registration reply. 

38. (Original) The method as recited in claim 36, wherein the key information is a 
root key, a password, or a key shared between the Mobile Node and the Home Agent in a 
previous session. 
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39. (Original) The method as recited in claim 38, wherein the registration request 
includes a SPI, replay protection timestamp, and indicates an algorithm to be used to 
authenticate the registration request, wherein the SPI, the replay protection timestamp, and 
the algorithm are associated with the key information. 

40. (Original) The method as recited in claim 3 8, wherein the registration reply 
includes a SPI, replay protection timestamp, and indicates an algorithm to be used to 
authenticate the registration reply, wherein the SPI, the replay protection times tamp, and the 
algorithm are associated with the key information. 

4 1 . (Original) The method as recited in claim 3 6, wherein the registration reply 
indicates whether the Mobile Node is to derive the shared key between the Mobile Node and 
the Home Agent, the method further comprising: 

determining from the registration reply whether the Mobile Node is to derive the key; 
wherein deriving a key is performed when it is determined from the registration reply 
that the Mobile Node is to derive the key. 

42. (Original) The method as recited in claim 41, wherein at least one of the presence 
of one or more extensions in the registration reply and an SPI in the registration reply 
indicates that the Mobile Node is to derive the shared key between the Mobile Node and the 
Home Agent 

43. (Original) The method as recited in claim 36, wherein the registration request 
indicates that the Home Agent is to derive the shared key between the Mobile Node and the 
Home Agent from a second set of key information received by the Home Agent 

Arty Docket No,: CISCP334/6994 - 9 - Application No. 1 0/635,882 

PAGE 11/21 * RCVD AT 6/13/2007 7:42:08 PM [Eastern Daylight Time] ' SVR:USPTO-EFXRF-2/4 1 DNIS:2738300 * CSID:5106630920* DURATION (mm-ss):05-18 



JUN. 1 3. 2007 4:46PM 5106630920 



NO. 838 P. 12 



44. (Original) The method as recited in claim 43 , wherein at least one of the presence 
of one or more extensions in the registration request and an SPI in the registration request 
indicates that the Home Agent is to derive the shared key between the Mobile Node and the 
Home Agent 

45. (Currently Amended) A computer-readable medium storing thereon computer 
readable instructions for generating a shared key between a Home Agent and a Mobile Node 
in a server adapted for authentication, authorization, and accounting, comprising: 

instructions for receiving a request message from a Home Agent, the request message 
identifying the Mobile Node; 

instructions for deriving key information from a key or password associated with the 
Mobile Node; and 

instructions for sending a reply message to the Home Agent, the reply message 
including the key information associated with the Mobile Node, thereby enabling the Home 
Agent to derive a shared key to be shared between the Mobile Node and the Home Agent 
from the key informatio n, wherein the replymessage does not include the shared key . 

46. (Currently Amended) A server adapted for authentication, authorization, and 
accounting, the server being adapted for generating a shared key between a Home Agent and 
a Mobile Node, comprising: 

a processor; and 

a memory, at least one of the processor and the memory being adapted for: 
receiving a request message from a Home Agent, the request message identifying the 
Mobile Node; 
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deriving key information from a key or password associated with the Mobile Node; 

and 

sending a reply message to the Home Agent, the reply message including the key 
information associated with the Mobile Node, thereby enabling the Home Agent to derive a 
shared key to be shared between the Mobile Node and the Home Agent from the key 
informatio n, wherein the reply message does not include the shared key . 

47. (Currently Amended) A server adapted for authentication, authorization, and 
accounting, the server being adapted for generating a shared key between a Home Agent and 
a Mobile Node, comprising: 

means for receiving a request message from a Home Agent, the request message 
identifying the Mobile Node; 

means for deriving key information from a key or password associated with the 
Mobile Node] and 

means for sending a reply message to the Home Agent, the reply message including 
the key information associated with the Mobile Node, thereby enabling the Home Agent to 
derive a shared key to be shared between the Mobile Node and the Home Agent from the key 
informatio n, wherein the reply message does not include the shared key , 

48. (Currently Amended) A computer-readable medium storing thereon computer- 
readable instructions for authenticating a Mobile Node in a Home Agent supporting Mobile 
IP, comprising: 

instructions for receiving a registration request from a Mobile Node, the registration 
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request identifying the Mobile Node; 

instructions for sending a request message to a AAA server, the request message 
identifying the Mobile Node; 

instructions for receiving a reply message from the AAA server, the reply message 
including key information associated with the Mobile Node; 

instructions for deriving a key from the key information, the key being a shared key 
between the Mobile Node and the Home Agent; and 

instructions for sending a registration reply to the Mobile Nod e, wherein the 
registration reply does not include the shared key. 

49, (Currently Axnended) A Home Agent supporting Mobile IP, the Home Agent being 
adapted for authenticating a Mobile Node, comprising: 
a processor; and 

a memory, at least one of the processor and the memory being adapted for: 
receiving a registration request from a Mobile Node, the registration request 

identifying the Mobile Node; 

sending a request message to a AAA server, the request message identifying the 

Mobile Node; 

receiving a reply message from the AAA server, the reply message including key 
information associated with the Mobile Node; 

deriving a key from the key information, the key being a shared key between the 
Mobile Node and the Home Agent; and 

sending a registration reply to the Mobile Nod e, wherein the registration reply does 
AQt include the shared key, 
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50. (Cuirently Amended) A Home Agent supporting Mobile IP and adapted for 
authenticating a Mobile Node, comprising: 

means for receiving a registration request from a Mobile Node, the registration 
request identifying the Mobile Node; 

means for sending a request message to a AAA server, the request message 
identifying the Mobile Node; 

means for receiving a reply message from the AAA server, the reply message 
including key information associated with the Mobile Node; 

means for deriving a key from the key information, the key being a shared key 
between the Mobile Node and the Home Agent; and 

means for sending a registration reply to the Mobile Nod e, wherein the registration 
reply does not include the shared key . 



5 1 . (Currently Amended) A computer-readable medium storing thereon computer- 
readable instructions for registering a Mobile Node with a Home Agent supporting Mobile 
IP, comprising: 

instructions for sending a registration request to the Home Agent; 

instructions for receiving a registration reply from the Home Agent, the registration 
reply indicating that the Mobile Node is to derive a key to be shared between the Mobile 
Node and the Home Agent, wherein the registration reply does not include the key to be 
shared between the Mobile Node and the Home Agent; and 

instructions for deriving a key to be shared between the Mobile Node and the Home 
Agent from key information stored at the Mobile Node. 
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52. (Currently Amended) A Mobile Node adapted for registering with a Home Agent 
supporting Mobile IP, comprising: 

a processor; and 

a memory, at least one of the processor and the memory being adapted for: 
sending a registration request to the Home Agent; 

receiving a registration reply from the Home Agent, the registration reply indicating 
that the Mobile Node is to derive a key to be shared between the Mobile Node and the Home 
Agen t wherein the regis tration reply does not include the key; and 

deriving a key to be shared between the Mobile Node and the Home Agent from key 
information stored at the Mobile Node. 

53. . (Currently Amended) A Mobile Node adapted for registering with a Home Agent 
supporting Mobile IP, comprising: 

means for sending a registration request to the Home Agent; 

means for receiving a registration reply from the Home Agent, the registration reply 
indicating that the Mobile Node is to derive a key to be shared between the Mobile Node and 
the Home Agen t wherein the registration reply does not include the key; and 

means for deriving a key to be shared between the Mobile Node and the Home Agent 
from key information stored at the Mobile Node. 

Please ADD new claims as follows: 

54. (Newly Added) The method as recited in claim 1 , wherein deriving key 
information from a key or password associated with the Mobile Node includes: 
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deriving the key information from a password, wherein the key information is not 
derived from a key. 
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